HtmlOutput object that can be returned from the script.
*
*
* var output = HtmlService.createHtmlOutput();
* HtmlOutput object from a BlobSource resource.
*
*
* function createFromBlob(blob) {
* var output = HtmlService.createHtmlOutput(blob);
* return output;
* }
* HtmlOutput object
*/
function createHtmlOutput(
blob: BlobSource
): HtmlService.HtmlOutput
/**
* Creates a new HtmlOutput object that can be returned from the script.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello world!</b>');
* HtmlOutput object from a file in the code editor.
*
*
* var output = HtmlService.createHtmlOutputFromFile('myPage');
* HtmlOutput object
*/
function createHtmlOutputFromFile(
filename: string
): HtmlService.HtmlOutput
/**
* Creates a new HtmlTemplate object from a BlobSource resource.
*
*
* function createFromBlob(blob) {
* var template = HtmlService.createTemplate(blob);
* return output;
* }
* HtmlTemplate object
*/
function createTemplate(
blob: BlobSource
): HtmlService.HtmlTemplate
/**
* Creates a new HtmlTemplate object that can be returned from the script.
*
*
* var template = HtmlService.createTemplate('<b>The time is <?= new Date() ?></b>');
* HtmlTemplate object
*/
function createTemplate(
html: string
): HtmlService.HtmlTemplate
/**
* Creates a new HtmlTemplate object from a file in the code editor.
*
*
* var template = HtmlService.createTemplateFromFile('myTemplate');
* HtmlTemplate object
*/
function createTemplateFromFile(
filename: string
): HtmlService.HtmlTemplate
/**
* Gets the user-agent string for the current browser. Returns null for most script
* executions if not used in a web app's doGet() or doPost() function.
*
* @returns the user-agent string
*/
function getUserAgent(): string
class HtmlOutput {
private constructor();
/**
* Adds a meta tag to the page. Meta tags included directly in an Apps Script HTML file are
* ignored. Only the following meta tags are allowed:
*
*
* <meta name="apple-mobile-web-app-capable" content="..."/>
* <meta name="google-site-verification" content="..."/>
* <meta name="mobile-web-app-capable" content="..."/>
* <meta name="viewport" content="..."/>
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.addMetaTag('viewport', 'width=device-width, initial-scale=1');
* HtmlOutput. Use this only for content from a
* trusted source, because it is not escaped.
*
*
* // Log "<b>Hello, world!</b><p>Hello again, world.</p>"
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.append('<p>Hello again, world.</p>');
* Logger.log(output.getContent());
* HtmlOutput, using contextual escaping.
*
* This method correctly escapes content based on the current state of the HtmlOutput,
* so that the result is a safe string with no markup or side affects. Use this instead of using
* append whenever you are adding content from an untrusted source, such as from a user, to avoid
* accidentally allowing a cross site scripting (XSS) bug where content or markup that you append
* causes unexpected code execution.
*
*
* // Log "<b>Hello, world!</b><p>Hello again, world.</p>"
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.appendUntrusted('<p>Hello again, world.</p>');
* Logger.log(output.getContent());
* HtmlTemplate backed by this HtmlOutput. This method can be used to
* build up a template incrementally. Future changes to HtmlOutput affect the contents of
* the HtmlTemplate as well.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* var template = output.asTemplate();
* HtmlTemplate.
*/
asTemplate(): HtmlService.HtmlTemplate
/**
* Clears the current content.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.clear();
* To view the daily quotas for conversions, see Quotas for Google
* Services. Newly created G Suite domains might be temporarily subject to stricter quotas.
*
* @param contentType - The MIME type to convert to. For most blobs, 'application/pdf' is
* the only valid option. For images in BMP, GIF, JPEG, or PNG format, any of 'image/bmp', 'image/gif', 'image/jpeg', or 'image/png' are also
* valid.
*
* @returns The data as a blob.
*/
getAs(
contentType: string
): Blob
/**
* Return the data inside this object as a blob.
*
* @returns The data as a blob.
*/
getBlob(): Blob
/**
* Gets the content of this HtmlOutput.
*
*
* // Log "<b>Hello, world!</b>"
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* Logger.log(output.getContent());
* setFaviconUrl(iconUrl). Favicon link tags included directly in an Apps Script HTML file are
* ignored.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setFaviconUrl('http://www.example.com/image.png');
* Logger.log(output.getFaviconUrl();
* HtmlOutput is published as a web app instead, this
* method returns null. To resize a dialog that is already open, call
* google.script.host.setHeight(height) in client-side code.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setHeight(200);
* Logger.log(output.getHeight());
* addMetaTag(name, content). Meta tags included directly in an Apps Script HTML file are
* ignored.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.addMetaTag('viewport', 'width=device-width, initial-scale=1');
*
* var tags = output.getMetaTags();
* Logger.log('<meta name="%s" content="%s"/>', tags[0].getName(), tags[0].getContent());
* addMetaTag(name, content).
*/
getMetaTags(): HtmlService.HtmlOutputMetaTag[]
/**
* Gets the title of the output page. Note that the <title> HTML element is ignored.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* Logger.log(output.getTitle());
* HtmlOutput is published as a web app instead, this
* method returns null. To resize a dialog that is already open, call
* google.script.host.setWidth(width) in client-side code.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setWidth(200);
* Logger.log(output.getWidth());
* HtmlOutput.
*
*
* var output = HtmlService.createHtmlOutput();
* output.setContent('<b>Hello, world!</b>');
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setFaviconUrl('http://www.example.com/image.png');
* HtmlOutput is published as a web app instead, this
* method has no effect. To resize a dialog that is already open, call
* google.script.host.setHeight(height) in client-side code.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setHeight(200);
* null results in a default value.
*
* @returns This output, for chaining.
*/
setHeight(
height: number
): HtmlService.HtmlOutput
/**
* This method now has no effect — previously it set the sandbox
* mode used for client-side scripts. To protect users from being served malicious HTML or
* JavaScript, client-side code served from HTML service executes in a security sandbox that
* imposes restrictions on the code. Originally this method allowed script authors to choose
* between different versions of the sandbox, but now all scripts now use IFRAME mode
* regardless of what sandbox mode is set. For more information, see the guide to restrictions in HTML service.
*
* The IFRAME mode imposes many fewer restrictions than the other sandbox modes and
* runs fastest, but does not work at all in certain older browsers, including Internet Explorer
* 9. The sandbox mode can be read in a client-side script by inspecting google.script.sandbox.mode. Note that this property returns the actual mode on the client,
* which may differ from the mode requested on the server if the requested mode is not supported
* in the user's browser.
*
*
* <!-- Read the sandbox mode (in a client-side script). -->
* <script>
* alert(google.script.sandbox.mode);
* </script>
* HtmlOutput shown in Google Sheets, this is the dialog title.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setTitle('My First Page');
* HtmlOutput is published as a web app instead, this
* method has no effect. To resize a dialog that is already open, call
* google.script.host.setWidth(width) in client-side code.
*
*
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setWidth(200);
* null results in a default value.
*
* @returns This output, for chaining.
*/
setWidth(
width: number
): HtmlService.HtmlOutput
/**
* Sets the state of the page's X-Frame-Options header, which controls clickjacking
* prevention.
*
* Setting XFrameOptionsMode.ALLOWALL lets any site iframe the page, so the
* developer should implement their own protection against clickjacking.
*
*
If a script does not set an X-Frame-Options mode, Apps Script uses XFrameOptionsMode.DEFAULT mode as the default.
*
*
* // Serve HTML with no X-Frame-Options header (in Apps Script server-side code).
* var output = HtmlService.createHtmlOutput('<b>Hello, world!</b>');
* output.setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
* HtmlOutputMetaTag.
*
* @returns the name of this meta tag.
*/
getName(): string
}
class HtmlTemplate {
private constructor();
/**
* Evaluates this template and returns an HtmlOutput object. Any properties set on this
* HtmlTemplate object will be in scope when evaluating. To debug errors in a template,
* examine the code using the getCode() method.
*
*
* // A template which evaluates to whatever is bound to 'foo'.
* var template = HtmlService.createTemplate('<?= foo ?>');
* template.foo = 'Hello World!';
* Logger.log(template.evaluate().getContent()); // will log 'Hello World!'
*
* eval(<code>) will return a new HtmlOutput object with the content of the
* template after running all embedded server scripts. The generated code is intended to be
* human-readable, and so if you need to debug a template you can call
* Logger.log(<code>) to see what was produced.
*
* Evaluating this code will implicitly bind in all variables in the current scope. In general,
* it's preferable to use the evaluate() method, which takes explicit bindings.
*
*
* var template = HtmlService.createTemplate('<b>The time is <?= new Date() ?></b>');
* Logger.log(template.getCode());
* eval(<code>) will return
* a new HtmlOutput object with the content of the template after running all embedded
* server scripts. The generated code is intended to be human-readable, and so if you need to
* debug a template you can call Logger.log(<code>) to see what was produced.
*
* Evaluating this code will implicitly bind in all variables in the current scope. In general,
* it's preferable to use the evaluate() method, which takes explicit bindings.
*
*
* var template = HtmlService.createTemplate('<b>The time is <?= new Date() ?></b>');
* Logger.log(template.getCodeWithComments());
*
* var template = HtmlService.createTemplate('<b>The time is <?= new Date() ?></b>');
* Logger.log(template.getRawContent());
* EMULATED was sunset as of December 10,
* 2015. All scripts attempting use EMULATED will now use IFRAME instead.
*/
EMULATED = "EMULATED",
/**
* A sandbox mode that uses iframe sandboxing instead of the Caja sandbox technology used by the
* EMULATED and NATIVE modes. This mode is the default for new scripts as of
* November 12, 2015 and for all scripts as of July 6, 2016.
*
*
This mode imposes many fewer restrictions than the other sandbox modes and runs fastest, but
* does not work at all in certain older browsers, including Internet Explorer 9.
*/
IFRAME = "IFRAME",
/**
* A sandbox mode that is built on top of ECMAScript 5 strict mode. A sandbox mode built on top of
* ECMAScript 5 strict mode. This mode was sunset as
* of July 6, 2016. All scripts now use IFRAME mode.
*/
NATIVE = "NATIVE",
}
enum XFrameOptionsMode {
/**
* No X-Frame-Options header will be set. This will let any site iframe the page, so the
* developer should implement their own protection against clickjacking.
*/
ALLOWALL = "ALLOWALL",
/**
* Sets the default value for the X-Frame-Options header, which preserves normal security
* assumptions. If a script does not set an X-Frame-Options mode, Apps Script uses this
* mode as the default.
*/
DEFAULT = "DEFAULT",
}
}